Subrata Mazumdar wrote, On 2008-07-12 13:34: > I have created a self-signed cert using certutil. I want to export the > associated private key in Mozilla Cert/Key DB as an un-encrypted private > key to be used by an OpenSSL based App. > The requirement is to use Mozilla NSS API to export the key - not > OpenSSL API or OpenSSL command line tools. > Can I do this? If yes, how?
NSS deliberately does not export private keys in an unencrypted fashion. By agreement of all the major crypto library providers, PKCS12 files are the one common private key interchange format supported by all. The recommended method is: - export to a PKCS12 file using pk12util - convert the contents of the pkcs12 file to openSSL PEM format using OpenSSL command line tool. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
